
- FileAnalysis::Info is now just a record used for logging, the fa_file record type is defined in init-bare.bro as the analogue to a connection record. - Starting to transfer policy hook triggers and analyzer results to events.
# @TEST-EXEC: bro -r $TRACES/smtp.trace $SCRIPTS/file-analysis-test.bro %INPUT >out
# @TEST-EXEC: btest-diff out
# @TEST-EXEC: btest-diff thefile0
# @TEST-EXEC: btest-diff thefile1
# @TEST-EXEC: btest-diff thefile2

# Running index used to build the per-file output names below. It starts at
# zero, so the first three names match the thefile0..thefile2 baselines that
# the directives above compare against.
global mycnt: count = 0;

# Option declared by the shared harness ($SCRIPTS/file-analysis-test.bro, not
# shown here); presumably it limits the test to files carried over SMTP,
# matching the smtp.trace input -- confirm against the harness.
redef test_file_analysis_source = "SMTP";

# Naming callback handed to the shared test harness: returns "thefile<N>",
# where N is the number of times the callback has been invoked so far.
#
# The name is built from the local counter only; no field of `f` is read, so
# nothing carried in the SMTP trace (for example a sender-chosen attachment
# name) can influence the resulting string or introduce path separators.
# NOTE(review): how the harness uses the returned name (presumably as the
# on-disk name of the extracted content that btest-diff checks) is defined in
# file-analysis-test.bro -- confirm there.
redef test_get_file_name = function(f: fa_file): string
	{
	# Capture the current index before advancing it, so names are handed out
	# as thefile0, thefile1, ... in call order.
	local idx = mycnt;
	++mycnt;
	return fmt("thefile%d", idx);
	};